Him, an adventurer, CISO, soldier, Marine, law officer, author, professor, spy, yachty, motorcyclist, photographer. Her, was the church lady librarian, got divorced, joined a motorcycle gang, became a hacker, and world adventurer.

From “Yes we can”, to “No you can’t” a president and his Blackberry

The 44th president of the United States while not a technologist is an avid user of technology. Though considered by many to be addictive the reality is a Blackberry represents the open flow of information and is the spirit of the first amendment to the Constitution. Why would we as a people want that information flow to be negatively impacted for the chief executive charged to protect that right? If redress of issues is the right of people how can we expect that to be legitimate if the leaders are closeted in seclusion without access to the concerns of the people? Access to the president of the United States is a jealously guarded commodity. Unfortunately as we have seen all to often it has been abused.

Barak Obama has said that he wishes to keep his Blackberry. Referring to the future Presidents Blackberry as an addiction adds nothing to the conversation and is a way of marginalizing a larger issue of controlling the president. The primary issue is access to an unfiltered information flow. Technologists serve society not technology yet the excuses flow that the Blackberry is a risk. The information assurance and security issues do exist but if the “security gurus” have their way and keep the president from accessing a technology he understands it will be a sad day. What this false form of security will have accomplished is a denial of service attack on the president. It is not up to technologists to tell people “No” it is imperative that we “make things happen” and inform our users while mitigating risks. I cannot believe how poorly luddites and his ill equipped advisors are treating the 44th president of the United States. For the president of “Yes we can” I will not accept “No you can’t”.

The issues of having a Blackberry attached to the hip of the president of the United States come in a few forms and most are solvable fairly easily. First, though the Blackberry and smart phone are ubiquitous and pervasive within the circle of Washington, it is fairly troubling that the president would be singled out to not have a device. It is egregious and erroneous to lay many issues at his feet and not realize those same issues exist for all of his staff too (yet they get to keep their BlackBerry’s). The issues of secure Blackberry devices has been solved for quite some time.

It is possible to take over (sic) a cell phone through the Bluetooth access protocol. For this reason alone any cell phone that you truly want secure should have the Bluetooth functionality turned off. Especially important is to not use a wireless headset which might be open to monitoring from fairly great distances.

Any cell phone is going to be subject to third party monitoring and at greater risk than the tightly controlled Whitehouse switchboard which piggy-backs on the national telephone infrastructure. However, even the fairly robust protocols used by the Whitehouse switchboard are subject to transgression at any end point (though I was once told they can detect snooping fairly easily besides the normal line drop or line noise). The answer is to work with the cell provider and lock the records of calls and in progress calls at the provider (as has been done for much less influential celebrities). Nobody is going to be trusting national security to a Blackberry and they are not allowed into secure compartmentalized information facilities (SCIFs) though exceptions do exist.

Remote targeting of subjects using cell phone electronic serial numbers (ESNs) using the cell phone infrastructure causes concern for Taliban insurgents in Afghanistan. Would not the president of the United States having a cell phone allow for tracking him too? Of course it would. So would the huge wireless presence of his secret service detail, all of those aides, the always-attached pool of reporters, the big black limousines, and the ever present helicopter security details. That is another possible issue that just does not make sense.

The presidential records act sets forward guidance to gather, and protect the writings and correspondence of the president of the United States. The law is pretty explicit on what needs to be protected which contrary to popular belief is not everything. However, anything can be subpoenaed and as such it is believed that constraining presidential correspondence to as few channels as possible allows for full disclosure at a later time. Much of this is in response to President Bush and the chance of violations of the Presidential Records Act. Of course, a Blackberry can provide that quite easily through logging of the device activities (easily done), and the email and web browser history can be harvested for posterity. Since we know that a lot of the government uses the Blackberry device already I can’t imagine that they don’t have a Blackberry server that could be backed up daily for archival purposes. Much easier than say the doodles on a note pad. It would appear that control of the archival record is the primary concern not security, safety, privacy, or secrecy. To say it another way. Control of access to the president and what he has said is the primary concern with keeping him from having a Blackberry device.

I understand that there are operational security and information security concerns with the use of any electronic device. It is a false assumption of security to take that device away from one person when so many others will have the same types of devices around him. It is suspect to a fault, and raising the red flag of security is all to often a smoke screen to control a person rather than help them.

I applaud president-elect Obama’s continuing efforts to keep the tools that made him a successful person, a successful candidate, and hopefully a great president. The issue is truly trivial in the larger scope of the problems facing the United States of America, but the Blackberry debate is indicative of a few things. When computers became pervasive we gave them to every secretary yet I understand it took years to get one in the Oval office. Why would we as a people allow myopic, misguided technologists to cripple the president of the United States of America through egregious interpretation of policies? The most high-tech nation on the face of the planet can not figure out how to get the Internet into the hands of the President of that nation?

There is also another issue. We continue to call computer scientist and electrical engineers technologists. That short changes the role of technologists. When baking bread the computer scientist is concerned with how the ingredients are mixed and in what proportions. The electrical engineer is worried about the reactions of yeast and flour and how they occur. As a technologist I bake bread and make it an art form by pulling from the different fields and fusing the knowledge together to create a delicious repast. People claiming to be security experts more concerned about controlling other people than serving their needs make poor security practitioners.

Cyber?

Cyber security and the technologies of securing the information enterprise of industry and government require a trans-disciplinary while still STEM focused research agenda. The term “cyber” itself denotes a human cognitive centric concept that deals with the disintermediation of technology centered within human activity. The changing focus from system threat mitigation to enterprise risk management has opened completely new areas of inquiry into security.